From 67122290b1f30ffa963c1302f5513b5d4ff79b69 Mon Sep 17 00:00:00 2001 From: Tom Nightingale Date: Fri, 10 Mar 2017 11:01:17 -0800 Subject: [PATCH 1/3] Removing instances of token cleanup. --- .../src/Entity/RestfulTokenAuthController.php | 22 +++---- .../src/Plugin/resource/AccessToken__1_0.php | 66 ++++++++++--------- 2 files changed, 45 insertions(+), 43 deletions(-) diff --git a/modules/restful_token_auth/src/Entity/RestfulTokenAuthController.php b/modules/restful_token_auth/src/Entity/RestfulTokenAuthController.php index a730f07b..e136453c 100644 --- a/modules/restful_token_auth/src/Entity/RestfulTokenAuthController.php +++ b/modules/restful_token_auth/src/Entity/RestfulTokenAuthController.php @@ -57,17 +57,17 @@ public function generateAccessToken($uid) { */ private function generateRefreshToken($uid) { // Check if there are other refresh tokens for the user. - $query = new \EntityFieldQuery(); - $results = $query - ->entityCondition('entity_type', 'restful_token_auth') - ->entityCondition('bundle', 'refresh_token') - ->propertyCondition('uid', $uid) - ->execute(); - - if (!empty($results['restful_token_auth'])) { - // Delete the tokens. - entity_delete_multiple('restful_token_auth', array_keys($results['restful_token_auth'])); - } + // $query = new \EntityFieldQuery(); + // $results = $query + // ->entityCondition('entity_type', 'restful_token_auth') + // ->entityCondition('bundle', 'refresh_token') + // ->propertyCondition('uid', $uid) + // ->execute(); + // + // if (!empty($results['restful_token_auth'])) { + // // Delete the tokens. + // entity_delete_multiple('restful_token_auth', array_keys($results['restful_token_auth'])); + // } // Create a new refresh token. $values = array( diff --git a/modules/restful_token_auth/src/Plugin/resource/AccessToken__1_0.php b/modules/restful_token_auth/src/Plugin/resource/AccessToken__1_0.php index 77826587..f161ff78 100644 --- a/modules/restful_token_auth/src/Plugin/resource/AccessToken__1_0.php 
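Review bot: With the delete step in `generateRefreshToken()` disabled, every refresh token ever issued to a user stays usable, and nothing visible in this hunk expires or revokes the older ones. A refresh token that leaks from one client therefore survives the user authenticating again, which the removed code prevented as a side effect. If holding several tokens per user is the intent, I would say so in place of the commented-out block, e.g. `// Older refresh tokens are kept on purpose so that several clients can stay signed in for the same user.`, and confirm that some other path (not shown here) revokes them on logout or credential change. The function body continues past the end of the hunk.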
+++ b/modules/restful_token_auth/src/Plugin/resource/AccessToken__1_0.php @@ -46,7 +46,7 @@ public function controllersInfo() { return array( '' => array( // Get or create a new token. - RequestInterface::METHOD_GET => 'getOrCreateToken', + RequestInterface::METHOD_GET => 'createToken', RequestInterface::METHOD_OPTIONS => 'discover', ), ); 
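Review bot: The context comment `// Get or create a new token.` above the changed mapping is now stale, because `createToken` always mints a new token; it should read `// Create a new token.`. Since the handler stays on `RequestInterface::METHOD_GET`, a retried, prefetched or replayed GET now has a side effect every time, so the token response should at least be marked non-cacheable if that is not already done elsewhere. `controllersInfo()` begins before the hunk.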
@@ -55,43 +55,45 @@ public function controllersInfo() { /** * Create a token for a user, and return its value. */ - public function getOrCreateToken() { + public function createToken() { $entity_type = $this->getEntityType(); $account = $this->getAccount(); - // Check if there is a token that did not expire yet. - /* @var DataProviderEntityInterface $data_provider */ - $data_provider = $this->getDataProvider(); - $query = $data_provider->EFQObject(); - $result = $query - ->entityCondition('entity_type', $entity_type) - ->entityCondition('bundle', 'access_token') - ->propertyCondition('uid', $account->uid) - ->range(0, 1) - ->execute(); - - $token_exists = FALSE; - if (!empty($result[$entity_type])) { - $id = key($result[$entity_type]); - $access_token = entity_load_single($entity_type, $id); + // TODO: Reimplement token cleanup (but needs to support multiple tokens). - $token_exists = TRUE; - if (!empty($access_token->expire) && $access_token->expire < REQUEST_TIME) { - if (variable_get('restful_token_auth_delete_expired_tokens', TRUE)) { - // Token has expired, so we can delete this token. - $access_token->delete(); - } + // Check if there is a token that did not expire yet. + /* @var DataProviderEntityInterface $data_provider */ + // $data_provider = $this->getDataProvider(); + // $query = $data_provider->EFQObject(); + // $result = $query + // ->entityCondition('entity_type', $entity_type) + // ->entityCondition('bundle', 'access_token') + // ->propertyCondition('uid', $account->uid) + // ->range(0, 1) + // ->execute(); + // + // $token_exists = FALSE; + // + // if (!empty($result[$entity_type])) { + // $id = key($result[$entity_type]); + // $access_token = entity_load_single($entity_type, $id); + // + // $token_exists = TRUE; + // if (!empty($access_token->expire) && $access_token->expire < REQUEST_TIME) { + // if (variable_get('restful_token_auth_delete_expired_tokens', TRUE)) { + // // Token has expired, so we can delete this token. 
+ // $access_token->delete(); + // } + // + // $token_exists = FALSE; + // } + // } - $token_exists = FALSE; - } - } + /* @var \Drupal\restful_token_auth\Entity\RestfulTokenAuthController $controller */ + $controller = entity_get_controller($this->getEntityType()); + $access_token = $controller->generateAccessToken($account->uid); + $id = $access_token->id; - if (!$token_exists) { - /* @var \Drupal\restful_token_auth\Entity\RestfulTokenAuthController $controller */ - $controller = entity_get_controller($this->getEntityType()); - $access_token = $controller->generateAccessToken($account->uid); - $id = $access_token->id; - } $output = $this->view($id); return $output; From d9c1b060b358d9980e6d31d1645575f24bb90419 Mon Sep 17 00:00:00 2001 From: Tom Nightingale Date: Fri, 10 Mar 2017 13:40:15 -0800 Subject: [PATCH 2/3] Re-enabling expired token cleanup when creating a new access token. Removing code that deletes a user's extra refresh tokens. --- .../src/Entity/RestfulTokenAuthController.php | 13 ------ .../src/Plugin/resource/AccessToken__1_0.php | 44 ++++++++----------- 2 files changed, 19 insertions(+), 38 deletions(-) diff --git a/modules/restful_token_auth/src/Entity/RestfulTokenAuthController.php b/modules/restful_token_auth/src/Entity/RestfulTokenAuthController.php index e136453c..12931821 100644 --- a/modules/restful_token_auth/src/Entity/RestfulTokenAuthController.php +++ b/modules/restful_token_auth/src/Entity/RestfulTokenAuthController.php 
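Review bot: After this change `createToken()` issues a fresh access token on every call and nothing bounds how many unexpired tokens one account can hold, so a single authenticated client can grow the token table without limit. A per-user cap (delete the oldest tokens beyond a configured number before calling `generateAccessToken()`) would keep multi-token support while limiting that. The hunk also leaves `$entity_type` assigned but unused, with `$this->getEntityType()` called again further down, and an orphaned `/* @var DataProviderEntityInterface $data_provider */` annotation whose assignment is commented out. The closing lines of the method are outside the hunk.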
@@ -56,19 +56,6 @@ public function generateAccessToken($uid) { * The token entity. */ private function generateRefreshToken($uid) { - // Check if there are other refresh tokens for the user. - // $query = new \EntityFieldQuery(); - // $results = $query - // ->entityCondition('entity_type', 'restful_token_auth') - // ->entityCondition('bundle', 'refresh_token') - // ->propertyCondition('uid', $uid) - // ->execute(); - // - // if (!empty($results['restful_token_auth'])) { - // // Delete the tokens. - // entity_delete_multiple('restful_token_auth', array_keys($results['restful_token_auth'])); - // } - // Create a new refresh token. $values = array( 'uid' => $uid, diff --git a/modules/restful_token_auth/src/Plugin/resource/AccessToken__1_0.php b/modules/restful_token_auth/src/Plugin/resource/AccessToken__1_0.php index f161ff78..2fae3a77 100644 --- a/modules/restful_token_auth/src/Plugin/resource/AccessToken__1_0.php +++ b/modules/restful_token_auth/src/Plugin/resource/AccessToken__1_0.php 
@@ -63,31 +63,25 @@ public function createToken() { // Check if there is a token that did not expire yet. /* @var DataProviderEntityInterface $data_provider */ - // $data_provider = $this->getDataProvider(); - // $query = $data_provider->EFQObject(); - // $result = $query - // ->entityCondition('entity_type', $entity_type) - // ->entityCondition('bundle', 'access_token') - // ->propertyCondition('uid', $account->uid) - // ->range(0, 1) - // ->execute(); - // - // $token_exists = FALSE; - // - // if (!empty($result[$entity_type])) { - // $id = key($result[$entity_type]); - // $access_token = entity_load_single($entity_type, $id); - // - // $token_exists = TRUE; - // if (!empty($access_token->expire) && $access_token->expire < REQUEST_TIME) { - // if (variable_get('restful_token_auth_delete_expired_tokens', TRUE)) { - // // Token has expired, so we can delete this token. - // $access_token->delete(); - // } - // - // $token_exists = FALSE; - // } - // } + $data_provider = $this->getDataProvider(); + $query = $data_provider->EFQObject(); + $result = $query + ->entityCondition('entity_type', $entity_type) + ->entityCondition('bundle', 'access_token') + ->propertyCondition('uid', $account->uid) + ->execute(); + + if (!empty($result[$entity_type])) { + foreach ($result[$entity_type] as $id => $value) { + $access_token = entity_load_single($entity_type, $id); + if (!empty($access_token->expire) && $access_token->expire < REQUEST_TIME) { + if (variable_get('restful_token_auth_delete_expired_tokens', TRUE)) { + // Token has expired, so we can delete this token. + $access_token->delete(); + } + } + } + } /* @var \Drupal\restful_token_auth\Entity\RestfulTokenAuthController $controller */ $controller = entity_get_controller($this->getEntityType()); From 081494eeb03ff0a045013d6bf5e036926c7f584a Mon Sep 17 00:00:00 2001 
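Review bot: The cleanup loop loads every access token of the user with `entity_load_single()` and only then checks `restful_token_auth_delete_expired_tokens`, so when deletion is switched off the query and all loads are wasted, and with several live tokens per user that cost is paid on every token request. Checking the variable first and letting the query select the expired rows allows `entity_delete_multiple()` to remove them in one call; this assumes `expire` is a stored property like `uid`, which the hunk does not show. The leading comment `// Check if there is a token that did not expire yet.` no longer describes the code and is replaced below. `createToken()` begins and ends outside the hunk.

```php
// Delete the user's expired access tokens before issuing a new one.
if (variable_get('restful_token_auth_delete_expired_tokens', TRUE)) {
  /* @var DataProviderEntityInterface $data_provider */
  $data_provider = $this->getDataProvider();
  $result = $data_provider->EFQObject()
    ->entityCondition('entity_type', $entity_type)
    ->entityCondition('bundle', 'access_token')
    ->propertyCondition('uid', $account->uid)
    // Tokens with an empty expire value never expire and are kept.
    ->propertyCondition('expire', 0, '<>')
    ->propertyCondition('expire', REQUEST_TIME, '<')
    ->execute();

  if (!empty($result[$entity_type])) {
    entity_delete_multiple($entity_type, array_keys($result[$entity_type]));
  }
}
// … unchanged: generateAccessToken() call and view($id) …
```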
From: Tom Nightingale Date: Fri, 10 Mar 2017 13:52:52 -0800 Subject: [PATCH 3/3] Removed TODO --- .../restful_token_auth/src/Plugin/resource/AccessToken__1_0.php | 2 -- 1 file changed, 2 deletions(-) diff --git a/modules/restful_token_auth/src/Plugin/resource/AccessToken__1_0.php b/modules/restful_token_auth/src/Plugin/resource/AccessToken__1_0.php index 2fae3a77..cb95f972 100644 --- a/modules/restful_token_auth/src/Plugin/resource/AccessToken__1_0.php +++ b/modules/restful_token_auth/src/Plugin/resource/AccessToken__1_0.php @@ -59,8 +59,6 @@ public function createToken() { $entity_type = $this->getEntityType(); $account = $this->getAccount(); - // TODO: Reimplement token cleanup (but needs to support multiple tokens). - // Check if there is a token that did not expire yet. /* @var DataProviderEntityInterface $data_provider */ $data_provider = $this->getDataProvider();